I’ve been getting a few sporadic reports of SPAM that’s supposedly from hackaday.com on it. It’s a bit surprising, considering that the only email we send out automatically consists of comment confirmation requests to prevent comment SPAM.
So do me a favor… if you’ve gotten any, send it along with the email headers so I can track down the source and destroy er make it stop.
What of the spam fleet amassing around Sullust?
Posted at 11:55 am on Jan 3rd, 2008 by Kevin
I don’t have any, but if I did where would I send it?
Posted at 12:00 pm on Jan 3rd, 2008 by Ali Raheem
best not be messin with the ‘day.
Happy new year, BTW.
little late no less heartfelt
Posted at 12:20 pm on Jan 3rd, 2008 by strider_mt2k
I could imagine myself doing something like that…
almost. Not quite.
I suspect it’s someone’s idea of a prank.
Posted at 12:32 pm on Jan 3rd, 2008 by Skyler Orlando
I have blocked 2 spam messages in the last 7 days with a from domain of hackaday.com. Where do I email the headers?
Posted at 12:34 pm on Jan 3rd, 2008 by Jeff Ramsey
Here’s what I have from my Barracuda. In CSV. I removed you domain from the senders.
“Sender Whitelisted”,Time,From,To,Subject,Action,Reason,Score,”Encryption Status”,Size,”Source IP”,”Delivery Status”,ID
No,”2007-12-09 11:56:25″,EarleneBritton@YOURDOMAIN.com,garza@MYDOMAIN.com,,Blocked,”Invalid Recipient”,,None,,unknown[41.251.84.89],,1197219384-7451-10809-1
No,”2007-12-07 12:06:41″,TamikaroachJoiner@YOURDOMAIN.com,garner@MYDOMAIN.com,,Blocked,”Invalid Recipient”,,None,,pool-71-127-12-214.spfdma.east.verizon.net[71.127.12.214],,1197047200-7447-9248-1
Posted at 1:12 pm on Jan 3rd, 2008 by Tom
It’s in such low volumes I presume it’s spammers spoofing the domain. I own a domain that never sends out any emails (web site only, no email addresses) and I sometimes get people claiming I sent them spam.
Not really much that can be done about it…
Posted at 2:06 pm on Jan 3rd, 2008 by O Mattos
Today on Hack-a-day: How to spoof emails
1. Open a command prompt
2. Type telnet name.of.your.ISP.mailserver 25
3. type: helo
4. type: mail from: (this can be any address you want to spoof email from)
5. type: rcpt to:
6. type: data
7. type: subject=spoofed email from HAD!
8. type whatever you want in the email message
9. end the message with a . on a new line
Presto-Changeo people start complaining they are getting spam sent from hackaday.com
Posted at 2:55 pm on Jan 3rd, 2008 by Dax
eek, html formatting stripped out some details, on step 5 use: rcpt to: nospace < nospace emailaddress nospace >
and do the same thing for step 4.
Posted at 2:57 pm on Jan 3rd, 2008 by Dax
http://www.siteadvisor.com/sites/hackaday.com
Seems to show you fine there. A whopping 2.9 emails per month (Wtf? They only got 2 :P )
Posted at 2:58 pm on Jan 3rd, 2008 by snorkle256
There is a way to block spoofed email addresses. There is a new type of DNS record that you may be interested in. It has its good and bad points. Its called SPF (Sender Policy Framework).
http://www.openspf.org/
http://en.wikipedia.org/wiki/Sender_Policy_Framework
Posted at 3:51 pm on Jan 3rd, 2008 by Norm
probably the spammer posted a comment to the site then got the confirmation email then got the email address from the from line and crafted a phish message from the details.
i hope we dont have to resort to decoding captcha’s to send comments.
Posted at 6:01 pm on Jan 3rd, 2008 by ejonesss
I wish the ISPs would only allow CORRECT header info to spew from their servers…
How is it possible/allowed for people to falsify the from header?? Should be MANDATORY for servers to display CORRECT infoamtion…. So spammers can be TRACKED and STOPPED!… And sterilized.
Posted at 8:17 pm on Jan 3rd, 2008 by pete
I have a php script on my site that sends ‘x’ URL via e-mail from the sender’s e-mail so that when the message is replied to, it goes back to the sender, not wannafork… works well to keep from MY mail server from getting crowded… not hard to do at all, and doesn’t look like it’s from my server at all…
“ISPs should only allow correct header info”.
Many do. However, that isn’t going to stop anybody who controls their own email server. I can load up sendmail on my machine right now and send all the mail claiming to be from hackaday I want.
the Sender Policy Framework is designed to mitigate this problem. The recieving server confirms against a DNS record that the server sending mail is permitted to do so.
I notice that Hackady does not have SPF records set up. This is probably one of the best tools at your disposal to stop these forged emails.
Haven’t gotten any spam from you, but I do once in a while get a bounce of a spam that has been spoofed to look like it came from me, so I’d appreciate any advice on tracking down (etc.) spammers.
Posted at 1:21 pm on Jan 5th, 2008 by Warren
More of the spam that I get are autoresponders, “User Not Found” or “Your spam has been blocked”. Sounds like someone’s having a field day with my domain.
Ways to help it: Don’t set up a “Postmaster” or “catchall” email box: That will end up with the most spam like this. Bounces get bounced :)
Again, email spoofers SUCK, and must be smacked.
Hack a Day serves up fresh hacks each day, every day from around the web and a special How-To hack each week.
Powered by WordPress
just checked my spam folder. nada.
Posted at 11:30 am on Jan 3rd, 2008 by kaelb